
<?php
// Start the PHP session unless the $_SESSION superglobal already exists,
// so the login state written further down can persist across requests.
if (isset($_SESSION) === false) {
    session_start();
}

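// Process a submitted login form (the submit button posts connexion=Connexion).
// On success the login is stored in the session and the browser is redirected;
// on failure $erreur is set for the form rendered later in the page.
if (isset($_POST['connexion']) && $_POST['connexion'] === 'Connexion') {
    // Accept only plain strings: array-shaped fields (login[]=x) must not
    // reach md5() or the query.
    $login = (isset($_POST['login']) && is_string($_POST['login'])) ? $_POST['login'] : '';
    $pass = (isset($_POST['pass']) && is_string($_POST['pass'])) ? $_POST['pass'] : '';

    if (!empty($login) && !empty($pass)) {
        try {
            // NOTE(review): the application connects as MySQL root with an empty
            // password, hard-coded here. Move the credentials to configuration
            // and use an account limited to this schema.
            $bdd = new PDO('mysql:host=localhost;dbname=thehomesickboys', 'root', '');
            // Make every PDO failure throw so it is handled by the catch below.
            $bdd->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
            $bdd->exec("SET CHARACTER SET utf8");

            // Bound parameters: the posted login is never spliced into the SQL text.
            // NOTE(review): pass_md5 holds an unsalted MD5 digest, which is not a
            // password hash. Migrating to password_hash()/password_verify() needs a
            // schema and data change outside this file.
            $rep = $bdd->prepare('SELECT count(*) AS NbrCo FROM user WHERE login = ? AND pass_md5 = ?');
            $rep->execute([$login, md5($pass)]);
            $data = $rep->fetch();
        } catch (PDOException $e) {
            // Details go to the server log only; the client gets no SQL or driver text.
            error_log('Login query failed: ' . $e->getMessage());
            exit('Erreur SQL !');
        }

        if ($data !== false && (int) $data['NbrCo'] === 1) {
            // Issue a fresh session id at the privilege change (session fixation).
            session_regenerate_id(true);
            $_SESSION['login'] = $login;
            header('Location: index.php?controleur=Vues&action=AfficherAdmin');
            exit();
        } else {
            // Anything other than exactly one matching row is a failed login.
            $erreur = 'Compte non reconnu.';
        }
    } else {
        $erreur = 'Au moins un des champs est vide.';
    }
}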
?>

<?php
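if (isset($_SESSION['login'])) {
    // Authenticated view: load the user's row, then render the image upload form.
    // NOTE(review): hard-coded MySQL root account with an empty password; move
    // the credentials to configuration and use a least-privilege account.
    $bdd = new PDO('mysql:host=localhost;dbname=thehomesickboys', 'root', '');
    $bdd->exec("SET CHARACTER SET utf8");

    // The session login originates from the login form, so it is bound as a
    // parameter rather than concatenated into the SQL text.
    $rep = $bdd->prepare('SELECT HomesickBoys, Nono FROM user WHERE login = ?');
    if ($rep !== false) {
        $rep->execute([$_SESSION['login']]);
    }

    // NOTE(review): neither form below carries an anti-CSRF token, and upload
    // validation (type, size, destination) is not visible here. Confirm that the
    // AfficherConfirmationAjout and AffichersupprimerImage handlers enforce both.
    ?>

    <div class="connexionok"> Connexion réussi ! <br/>
        <form method="post" action="index.php?controleur=Vues&action=AfficherConfirmationAjout" enctype="multipart/form-data">
            <fieldset>
                <legend>Ajout d'une image</legend>
                <label for="nom">Nom</label>
                <input type="text" id="nom" name="nom"/><br>
                <label for="image1">Image</label>
                <input type="file" id="image1" name="image1"/><br/>
                <button type="submit">Uploader</button>
            </fieldset>
        </form>
        <ul>
            <li><a href="index.php?controleur=Images&action=AffichersupprimerImage"> Supprimer une image </a></li>
        </ul>
    </div>

    <?php
} else {
    // Anonymous view: login form. Only the login is re-populated after a failed
    // attempt, and only when it is a plain string. The submitted password is
    // never written back into the page, where it would sit in the HTML source
    // and in any cache of the response.
    $loginSaisi = '';
    if (isset($_POST['login']) && is_string($_POST['login'])) {
        $loginSaisi = htmlspecialchars(trim($_POST['login']), ENT_QUOTES, 'UTF-8');
    }
    ?>
    <div class="connexion">
        Connexion:<br />
        <form action="index.php?controleur=Vues&action=AfficherAdmin" method="post" style="margin-top: 10px;">
            <table><tr>
                    <td><label for="login"> Login : </label></td>
                    <td><input type="text" id="login" name="login" value="<?php echo $loginSaisi; ?>"><br /></td></tr>
                <tr><td><label for="password"> Mot de passe : </label></td>
                    <td><input type="password" id="password" name="pass"><br /></td></tr>
            </table>
            <input type="submit" name="connexion" value="Connexion" style="margin-right: 40px; margin-top: 10px; margin-bottom: 10px;">
        </form>
        <?php
        // $erreur is only ever assigned fixed server-side messages by the login handler.
        if (isset($erreur)) {
            echo '<br /><br />', $erreur;
        }
        ?>
    </div>
    <?php
}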
?>
